shop-garena.ru
190.115.21.27
Malicious Activity!
Public Scan
Effective URL: https://shop-garena.ru/
Submission: On June 03 via manual from IL
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 13th 2020. Valid for: a year.
This is the only time shop-garena.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

Requests | IP Address | AS (Autonomous System) | Domain / PTR |
---|---|---|---|
5 (1 redirect) | 190.115.21.27 | AS262254 (DDOS-GUARD CORP.) | |
1 | 2001:4de0:ac19::1:b:3b | AS20446 (HIGHWINDS3) | |
1 | 2a00:1450:4001:800::2008 | AS15169 (GOOGLE, US) | www.googletagmanager.com |
1 | 2.16.186.59 | AS20940 (AKAMAI-ASN1, EU) | contentgarena-a.akamaihd.net; PTR: a2-16-186-59.deploy.static.akamaitechnologies.com |
2 | 2.16.186.58 | AS20940 (AKAMAI-ASN1, EU) | cdngarenanow-a.akamaihd.net; PTR: a2-16-186-58.deploy.static.akamaitechnologies.com |
4 (1 redirect) | 2a02:6b8::1:119 | AS13238 (YANDEX) | |
Totals: 12 | 7
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 (1 redirect) | shop-garena.ru | shop-garena.ru | 397 KB |
4 (1 redirect) | yandex.ru | mc.yandex.ru | 94 KB |
3 | akamaihd.net | contentgarena-a.akamaihd.net, cdngarenanow-a.akamaihd.net | 104 KB |
1 | googletagmanager.com | www.googletagmanager.com | 33 KB |
1 | jquery.com | code.jquery.com | 83 KB |
Totals: 12 requests | 5 apex domains
Requests | Domain | Requested by |
---|---|---|
5 (1 redirect) | shop-garena.ru | shop-garena.ru |
4 (1 redirect) | mc.yandex.ru | shop-garena.ru |
2 | cdngarenanow-a.akamaihd.net | shop-garena.ru |
1 | contentgarena-a.akamaihd.net | shop-garena.ru |
1 | www.googletagmanager.com | shop-garena.ru |
1 | code.jquery.com | shop-garena.ru |
Totals: 12 requests | 6 domains
This site contains links to these domains. Also see Links.
Domain |
---|
help.garena.ru |
shop.garena.ru |
www.garena.sg |
TLS certificates

Subject | Issuer | Validity | Valid for | |
---|---|---|---|---|
shop-garena.ru | Sectigo RSA Domain Validation Secure Server CA | 2020-05-13 - 2021-05-13 | a year | crt.sh |
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years | crt.sh |
*.google-analytics.com | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months | crt.sh |
a248.e.akamai.net | DigiCert Secure Site ECC CA-1 | 2019-08-13 - 2020-08-12 | a year | crt.sh |
mc.yandex.ru | Yandex CA | 2019-09-23 - 2020-09-22 | a year | crt.sh |
This page contains 1 frame:
Primary Page: https://shop-garena.ru/
Frame ID: 3487C0C66110B46501974E9C271B9387
Requests: 15 HTTP requests in this frame
Detected technologies

React (JavaScript Frameworks)
Detected patterns
- html /<[^>]+data-react/i

jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
- Title: Help (Помощь)
- Title: FAQ (ЧАВО)
- Title: Terms of Use (Условия Использования)
- Title: Privacy Policy (Политика Конфиденциальности)
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://shop-garena.ru/ (HTTP 308)
- https://shop-garena.ru/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12:
- https://mc.yandex.ru/watch/57261526?wmode=7&page-url=https%3A%2F%2Fshop-garena.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591195987088%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200603165308%3Aet%3A1591195988%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A483813947343%3Arqn%3A1%3Arn%3A216295226%3Ahid%3A776193475%3Ads%3A0%2C30%2C261%2C1%2C225%2C0%2C0%2C371%2C1%2C%2C%2C%2C891%3Afp%3A936%3Agdpr%3A14%3Av%3A1877%3Awv%3A2%3Arqnl%3A1%3Ast%3A1591195988%3Au%3A1591195988996445958%3At%3A%D0%9C%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%20Garena%20%7C%20Garena%20Shop%20%7C%20%D0%93%D0%B0%D1%80%D0%B5%D0%BD%D0%B0%20%D1%88%D0%BE%D0%BF (HTTP 302)
- https://mc.yandex.ru/watch/57261526/1?wmode=7&page-url=https%3A%2F%2Fshop-garena.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591195987088%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200603165308%3Aet%3A1591195988%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A483813947343%3Arqn%3A1%3Arn%3A216295226%3Ahid%3A776193475%3Ads%3A0%2C30%2C261%2C1%2C225%2C0%2C0%2C371%2C1%2C%2C%2C%2C891%3Afp%3A936%3Agdpr%3A14%3Av%3A1877%3Awv%3A2%3Arqnl%3A1%3Ast%3A1591195988%3Au%3A1591195988996445958%3At%3A%D0%9C%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%20Garena%20%7C%20Garena%20Shop%20%7C%20%D0%93%D0%B0%D1%80%D0%B5%D0%BD%D0%B0%20%D1%88%D0%BE%D0%BF
12 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request, Redirect Chain) | shop-garena.ru/ | 21 KB | 13 KB | Document | text/html |
GET | H2 | style.css | shop-garena.ru/css/ | 714 KB | 383 KB | Stylesheet | text/css |
GET | H2 | custom.css | shop-garena.ru/css/ | 3 KB | 731 B | Stylesheet | text/css |
GET | H/1.1 | jquery-3.5.0.js | code.jquery.com/ | 281 KB | 83 KB | Script | application/javascript |
GET | H2 | script.js | shop-garena.ru/js/ | 3 KB | 869 B | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 83 KB | 33 KB | Script | application/javascript |
GET | H/1.1 | RUPC.jpg | contentgarena-a.akamaihd.net/GOP/newshop_banners/ | 31 KB | 31 KB | Image | image/jpeg |
GET | H2 | icon.png | cdngarenanow-a.akamaihd.net/gop/app/0000/100/067/ | 62 KB | 62 KB | Image | image/png |
GET | H2 | login_bg.png | cdngarenanow-a.akamaihd.net/webmain/static/payment_center/common/ | 10 KB | 11 KB | Image | image/png |
GET | H/1.1 | tag.js | mc.yandex.ru/metrika/ | 359 KB | 91 KB | Script | application/javascript |
GET | DATA | truncated | / | 6 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 13 KB | 0 | Image | image/png |
GET | H/1.1 | 1 (Redirect Chain) | mc.yandex.ru/watch/57261526/ | 171 B | 721 B | XHR | application/json |
GET | H/1.1 | advert.gif | mc.yandex.ru/metrika/ | 43 B | 425 B | Image | image/gif |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Generic Gaming (Entertainment)

9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name |
---|---|
object | onformdata |
object | onpointerrawupdate |
function | $ |
function | jQuery |
function | ym |
object | google_tag_manager |
object | dataLayer |
object | Ya |
object | yaCounter572615265 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.shop-garena.ru/ | | _ym_d | 1591195988 |
shop-garena.ru/ | | laravel_session | eyJpdiI6IjI3a0ZTNjNSRkFoQ1dwMjYwNWo3Qmc9PSIsInZhbHVlIjoiVEt6N2lUc2VHdkpLeDVvWjhHbERvNlA5MTNxYzRyaThpMVhOdDFrUTBTQ25TL2YrNS9HRXo5NUVqSDUyNEt4dyIsIm1hYyI6IjFjYWE2NDAzYzE0ZTFhMzNkNTI0NDg2OTJiMDgxYjE2ZWMzNDk0NzI5M2EwMmRlZmQ5YTJjZGQ1MGRjZjNjMzYifQ%3D%3D |
shop-garena.ru/ | | XSRF-TOKEN | eyJpdiI6IklESzd1Tzd5SDl6RnNybkMvUG9GY3c9PSIsInZhbHVlIjoiK001ZDRXUklKa2t1UFR4cnh5YTRNZDJzbit6eklqODRacGpyenByMHFjdU0rTjdUTTVCeXdoWE9XZjA3cU5CYSIsIm1hYyI6Ijg1YTMyOGRkNGEwZWE1OTc4OGE4YzUzNDM4ZDZlNGQ4YmE5ODRiN2I3ZWU5YTUxNjBhNGY2YjIxZjc3YmFjNjYifQ%3D%3D |
.shop-garena.ru/ | | _ym_uid | 1591195988996445958 |
.shop-garena.ru/ | | __ddg1 | cSdIhar5RUTFqIc0J51I |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; |
Strict-Transport-Security | max-age=86400 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.